Cyberspies linked to Memento ransomware use new PowerShell malware
An Iranian state-backed hacking group tracked as APT35 (aka Phosphorus or Charming Kitten) is now deploying a new backdoor called…
Windows vulnerability with new public exploits lets you become admin
A security researcher has publicly disclosed an exploit for a Windows local privilege elevation vulnerability that allows anyone to gain…
Microsoft Outlook RCE zero-day exploits now selling for $400,000
Exploit broker Zerodium has announced a pay jump to 400,000 for zero-day vulnerabilities that allow remote code execution (RCE) in…
Log4j Proved Public Disclosure Still Helps Attackers
Disclosure also puts organizations in the awkward position of trying to mitigate a vulnerability without something like a vendor patch…
Millions of Routers, IoT Devices at Risk as Malware Source Code Surfaces on GitHub
"BotenaGo" contains exploits for more than 30 vulnerabilities in multiple vendor products and is being used to spread Mirai botnet…
Experts Urge Firms to Patch Trivial-to-Exploit Flaw in Linux PolicyKit
The memory corruption vulnerability in a policy component installed by default on most Linux distributions allows any user to become…
Cybersecurity Experts Share Their Predictions for 2022
By Danny Lopez, CEO of Glasswall The year 2021 raised many major cybersecurity concerns including the rise in […] The…
4 Steps Toward Knowing Your Exploitable Attack Surface
Actionable steps you can take today to identify the true risk your organization faces — learn how to separate the…
CISA adds 17 vulnerabilities to list of bugs exploited in attacks
This week, the Cybersecurity and Infrastructure Security Agency (CISA) added seventeen actively exploited vulnerabilities to the 'Known Exploited Vulnerabilities Catalog.…
Dutch cybersecurity agency warns of lingering Log4j risks
In a warning issued on Thursday, the Dutch National Cybersecurity Centre (NCSC) says organizations should still be aware of risks connected…